def delete_playlist(playlist_mbid):
"""
Delete a playlist. POST body data does not need to contain anything.
:reqheader Authorization: Token <user token>
:statuscode 200: playlist deleted.
:statuscode 401: invalid authorization. See error message for details.
:statuscode 403: forbidden. the requesting user was not allowed to carry out this operation.
:statuscode 404: Playlist not found
:resheader Content-Type: *application/json*
"""
user = validate_auth_header()
if not is_valid_uuid(playlist_mbid):
log_raise_400("Provided playlist ID is invalid.")
playlist = db_playlist.get_by_mbid(playlist_mbid)
if playlist is None or not playlist.is_visible_by(user["id"]):
raise APINotFound("Cannot find playlist: %s" % playlist_mbid)
if playlist.creator_id != user["id"]:
raise APIForbidden("You are not allowed to delete this playlist.")
try:
db_playlist.delete_playlist(playlist)
except Exception as e:
current_app.logger.error("Error deleting playlist: {}".format(e))
raise APIInternalServerError("Failed to delete the playlist. Please try again.")
return jsonify({'status': 'ok'})
def add_playlist_item(playlist_mbid, offset):
"""
Append recordings to an existing playlist by posting a playlist with one of more recordings in it.
The playlist must be in JSPF format with MusicBrainz extensions, which is defined here:
https://musicbrainz.org/doc/jspf .
If the offset is provided in the URL, then the recordings will be added at that offset,
otherwise they will be added at the end of the playlist.
You may only add :data:`~webserver.views.playlist_api.MAX_RECORDINGS_PER_ADD` recordings in one
call to this endpoint.
:reqheader Authorization: Token <user token>
:statuscode 200: playlist accepted.
:statuscode 400: invalid JSON sent, see error message for details.
:statuscode 401: invalid authorization. See error message for details.
:statuscode 403: forbidden. the requesting user was not allowed to carry out this operation.
:resheader Content-Type: *application/json*
"""
user = validate_auth_header()
if offset is not None and offset < 0:
log_raise_400("Offset must be a positive integer.")
if not is_valid_uuid(playlist_mbid):
log_raise_400("Provided playlist ID is invalid.")
playlist = db_playlist.get_by_mbid(playlist_mbid)
if playlist is None or not playlist.is_visible_by(user["id"]):
raise APINotFound("Cannot find playlist: %s" % playlist_mbid)
if not playlist.is_modifiable_by(user["id"]):
raise APIForbidden("You are not allowed to add recordings to this playlist.")
data = request.json
validate_playlist(data)
if len(data["playlist"]["track"]) > MAX_RECORDINGS_PER_ADD:
log_raise_400("You may only add max %d recordings per call." % MAX_RECORDINGS_PER_ADD)
precordings = []
if "track" in data["playlist"]:
for track in data["playlist"]["track"]:
try:
mbid = UUID(track['identifier'][len(PLAYLIST_TRACK_URI_PREFIX):])
except (KeyError, ValueError):
log_raise_400("Track %d has an invalid identifier field, it must be a complete URI.")
precordings.append(WritablePlaylistRecording(mbid=mbid, added_by_id=user["id"]))
try:
db_playlist.add_recordings_to_playlist(playlist, precordings, offset)
except Exception as e:
current_app.logger.error("Error while adding recordings to playlist: {}".format(e))
raise APIInternalServerError("Failed to add recordings to the playlist. Please try again.")
return jsonify({'status': 'ok'})
def create_user_notification_event(user_name):
""" Post a message with a link on a user's timeline. Only approved users are allowed to perform this action.
The request should contain the following data:
.. code-block:: json
{
"metadata": {
"message": <the message to post, required>,
}
}
:param user_name: The MusicBrainz ID of the user on whose timeline the message is to be posted.
:type user_name: ``str``
:statuscode 200: Successful query, message has been posted!
:statuscode 400: Bad request, check ``response['error']`` for more details.
:statuscode 403: Forbidden, you are not an approved user.
:statuscode 404: User not found
:resheader Content-Type: *application/json*
"""
creator = validate_auth_header()
if creator["musicbrainz_id"] not in current_app.config[
'APPROVED_PLAYLIST_BOTS']:
raise APIForbidden(
"Only approved users are allowed to post a message on a user's timeline."
)
user = db_user.get_by_mb_id(user_name)
if user is None:
raise APINotFound(f"Cannot find user: {user_name}")
try:
data = ujson.loads(request.get_data())['metadata']
except (ValueError, KeyError) as e:
raise APIBadRequest(f"Invalid JSON: {str(e)}")
if "message" not in data:
raise APIBadRequest("Invalid metadata: message is missing")
message = _filter_description_html(data["message"])
metadata = NotificationMetadata(creator=creator['musicbrainz_id'],
message=message)
try:
db_user_timeline_event.create_user_notification_event(
user['id'], metadata)
except DatabaseException:
raise APIInternalServerError("Something went wrong, please try again.")
return jsonify({'status': 'ok'})
def move_playlist_item(playlist_mbid):
"""
To move an item in a playlist, the POST data needs to specify the recording MBID and current index
of the track to move (from), where to move it to (to) and how many tracks from that position should
be moved (count). The format of the post data should look as follows:
.. code-block:: json
{
"mbid": "<mbid>",
"from": 3,
"to": 4,
"count": 2
}
:reqheader Authorization: Token <user token>
:statuscode 200: move operation succeeded
:statuscode 400: invalid JSON sent, see error message for details.
:statuscode 401: invalid authorization. See error message for details.
:statuscode 403: forbidden. the requesting user was not allowed to carry out this operation.
:resheader Content-Type: *application/json*
"""
user = validate_auth_header()
if not is_valid_uuid(playlist_mbid):
log_raise_400("Provided playlist ID is invalid.")
playlist = db_playlist.get_by_mbid(playlist_mbid)
if playlist is None or not playlist.is_visible_by(user["id"]):
raise APINotFound("Cannot find playlist: %s" % playlist_mbid)
if not playlist.is_modifiable_by(user["id"]):
raise APIForbidden(
"You are not allowed to move recordings in this playlist.")
data = request.json
validate_move_data(data)
try:
db_playlist.move_recordings(playlist, data['from'], data['to'],
data['count'])
except Exception as e:
current_app.logger.error(
"Error while moving recordings in the playlist: {}".format(e))
raise APIInternalServerError(
"Failed to move recordings in the playlist. Please try again.")
return jsonify({'status': 'ok'})
def save_list():
creator = _validate_auth_header()
raw_data = request.get_data()
try:
data = ujson.loads(raw_data.decode("utf-8"))
except ValueError as e:
log_raise_400("Cannot parse JSON document: %s" % str(e), raw_data)
try:
list_name = data['name']
list_id = data['id']
members = data['users']
except KeyError as e:
log_raise_400("JSON missing key: %s" % str(e))
members = db_user.validate_usernames(members)
if list_id is None:
# create a new list
try:
list_id = db_follow_list.save(
name=list_name,
creator=creator['id'],
members=[member['id'] for member in members],
)
except DatabaseException as e:
raise APIForbidden("List with same name already exists.")
else:
# do some validation
current_list = db_follow_list.get(list_id)
if current_list is None:
raise APINotFound("List not found: %d" % list_id)
if current_list['creator'] != creator['id']:
raise APIUnauthorized("You can only edit your own lists.")
# update the old list
db_follow_list.update(
list_id=list_id,
name=list_name,
members=[member['id'] for member in members],
)
return jsonify({
"code": 200,
"message": "it worked!",
"list_id": list_id,
})
def delete_playlist_item(playlist_mbid):
"""
To delete an item in a playlist, the POST data needs to specify the recording MBID and current index
of the track to delete, and how many tracks from that position should be moved deleted. The format of the
post data should look as follows:
.. code-block:: json
{“index” : 3, “count”: 2}
:reqheader Authorization: Token <user token>
:statuscode 200: playlist accepted.
:statuscode 400: invalid JSON sent, see error message for details.
:statuscode 401: invalid authorization. See error message for details.
:statuscode 403: forbidden. the requesting user was not allowed to carry out this operation.
:resheader Content-Type: *application/json*
"""
user = validate_auth_header()
if not is_valid_uuid(playlist_mbid):
log_raise_400("Provided playlist ID is invalid.")
playlist = db_playlist.get_by_mbid(playlist_mbid)
if playlist is None or \
(playlist.creator_id != user["id"] and not playlist.public):
raise APINotFound("Cannot find playlist: %s" % playlist_mbid)
if playlist.creator_id != user["id"]:
raise APIForbidden(
"You are not allowed to remove recordings from this playlist.")
data = request.json
validate_delete_data(data)
try:
db_playlist.delete_recordings_from_playlist(playlist, data['index'],
data['count'])
except Exception as e:
current_app.logger.error(
"Error while deleting recordings from playlist: {}".format(e))
raise APIInternalServerError(
"Failed to deleting recordings from the playlist. Please try again."
)
return jsonify({'status': 'ok'})
def edit_playlist(playlist_mbid):
"""
Edit the private/public status, name, description or list of collaborators for an exising playlist.
The Authorization header must be set and correspond to the owner of the playlist otherwise a 403
error will be returned. All fields will be overwritten with new values.
:reqheader Authorization: Token <user token>
:statuscode 200: playlist accepted.
:statuscode 400: invalid JSON sent, see error message for details.
:statuscode 401: invalid authorization. See error message for details.
:statuscode 403: forbidden. The subitting user is not allowed to edit playlists for other users.
:resheader Content-Type: *application/json*
"""
user = validate_auth_header()
data = request.json
validate_playlist(data)
if not is_valid_uuid(playlist_mbid):
log_raise_400("Provided playlist ID is invalid.")
playlist = db_playlist.get_by_mbid(playlist_mbid, False)
if playlist is None or not playlist.is_visible_by(user["id"]):
raise APINotFound("Cannot find playlist: %s" % playlist_mbid)
if playlist.creator_id != user["id"]:
raise APIForbidden("You are not allowed to edit this playlist.")
try:
playlist.public = data["playlist"]["extension"][PLAYLIST_EXTENSION_URI]["public"]
except KeyError:
pass
if "annotation" in data["playlist"]:
# If the annotation key exists but the value is empty ("" or None),
# unset the description
description = data["playlist"]["annotation"]
if description:
description = _filter_description_html(description)
else:
description = None
playlist.description = description
if data["playlist"].get("title"):
playlist.name = data["playlist"]["title"]
collaborators = data.get("playlist", {}).\
get("extension", {}).get(PLAYLIST_EXTENSION_URI, {}).\
get("collaborators", [])
users = {}
# Uniquify collaborators list
collaborators = list(set(collaborators))
# Don't allow creator to also be a collaborator
if user["musicbrainz_id"] in collaborators:
collaborators.remove(user["musicbrainz_id"])
if collaborators:
users = db_user.get_many_users_by_mb_id(collaborators)
collaborator_ids = []
for collaborator in collaborators:
if collaborator.lower() not in users:
log_raise_400("Collaborator {} doesn't exist".format(collaborator))
collaborator_ids.append(users[collaborator.lower()]["id"])
playlist.collaborators = collaborators
playlist.collaborator_ids = collaborator_ids
db_playlist.update_playlist(playlist)
return jsonify({'status': 'ok'})
def create_playlist():
"""
Create a playlist. The playlist must be in JSPF format with MusicBrainz extensions, which is defined
here: https://musicbrainz.org/doc/jspf . To create an empty playlist, you can send an empty playlist
with only the title field filled out. If you would like to create a playlist populated with recordings,
each of the track items in the playlist must have an identifier element that contains the MusicBrainz
recording that includes the recording MBID.
When creating a playlist, only the playlist title and the track identifier elements will be used -- all
other elements in the posted JSPF wil be ignored.
If a created_for field is found and the user is not an approved playlist bot, then a 403 forbidden will be raised.
:reqheader Authorization: Token <user token>
:statuscode 200: playlist accepted.
:statuscode 400: invalid JSON sent, see error message for details.
:statuscode 401: invalid authorization. See error message for details.
:statuscode 403: forbidden. The submitting user is not allowed to create playlists for other users.
:resheader Content-Type: *application/json*
"""
user = validate_auth_header()
data = request.json
validate_create_playlist_required_items(data)
validate_playlist(data)
public = data["playlist"]["extension"][PLAYLIST_EXTENSION_URI]["public"]
collaborators = data.get("playlist", {}).\
get("extension", {}).get(PLAYLIST_EXTENSION_URI, {}).\
get("collaborators", [])
# Uniquify collaborators list
collaborators = list(set(collaborators))
# Don't allow creator to also be a collaborator
if user["musicbrainz_id"] in collaborators:
collaborators.remove(user["musicbrainz_id"])
username_lookup = collaborators
created_for = data["playlist"].get("created_for", None)
if created_for:
username_lookup.append(created_for)
users = {}
if username_lookup:
users = db_user.get_many_users_by_mb_id(username_lookup)
collaborator_ids = []
for collaborator in collaborators:
if collaborator.lower() not in users:
log_raise_400("Collaborator {} doesn't exist".format(collaborator))
collaborator_ids.append(users[collaborator.lower()]["id"])
# filter description
description = data["playlist"].get("annotation", None)
if description is not None:
description = _filter_description_html(description)
playlist = WritablePlaylist(name=data['playlist']['title'],
creator_id=user["id"],
description=description,
collaborator_ids=collaborator_ids,
collaborators=collaborators,
public=public)
if data["playlist"].get("created_for", None):
if user["musicbrainz_id"] not in current_app.config["APPROVED_PLAYLIST_BOTS"]:
raise APIForbidden("Playlist contains a created_for field, but submitting user is not an approved playlist bot.")
created_for_user = users.get(data["playlist"]["created_for"].lower())
if not created_for_user:
log_raise_400("created_for user does not exist.")
playlist.created_for_id = created_for_user["id"]
if "track" in data["playlist"]:
for track in data["playlist"]["track"]:
try:
playlist.recordings.append(WritablePlaylistRecording(mbid=UUID(track['identifier'][len(PLAYLIST_TRACK_URI_PREFIX):]),
added_by_id=user["id"]))
except ValueError:
log_raise_400("Invalid recording MBID found in submitted recordings")
try:
playlist = db_playlist.create(playlist)
except Exception as e:
current_app.logger.error("Error while creating new playlist: {}".format(e))
raise APIInternalServerError("Failed to create the playlist. Please try again.")
return jsonify({'status': 'ok', 'playlist_mbid': playlist.mbid})
